mirror of
https://github.com/google/blockly.git
synced 2026-01-07 17:10:11 +01:00
d2329f8cba
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure. Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
34 lines
1.1 KiB
YAML
34 lines
1.1 KiB
YAML
# To get started with Dependabot version updates, you'll need to specify which
|
|
# package ecosystems to update and where the package manifests are located.
|
|
# Please see the documentation for all configuration options:
|
|
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
|
|
|
version: 2
|
|
updates:
|
|
- package-ecosystem: "npm" # See documentation for possible values
|
|
directory: "/" # Location of package manifests
|
|
target-branch: "develop"
|
|
schedule:
|
|
interval: "weekly"
|
|
ignore:
|
|
- dependency-name: "jsdom"
|
|
# For jsdom, ignore all updates for version 16.
|
|
# We should test that this does not cause issue
|
|
# google/blockly-samples#665 when version 17 is released.
|
|
versions: "16.x"
|
|
commit-message:
|
|
prefix: "chore(deps)"
|
|
labels:
|
|
- "PR: chore"
|
|
- "PR: dependencies"
|
|
- package-ecosystem: "github-actions" # See documentation for possible values
|
|
directory: "/"
|
|
target-branch: "develop"
|
|
schedule:
|
|
interval: "weekly"
|
|
commit-message:
|
|
prefix: "chore(deps)"
|
|
labels:
|
|
- "PR: chore"
|
|
- "PR: dependencies"
|